CVSROOT: /sources/gnash
Module name: gnash
Changes by: Sandro Santilli <strk> 08/01/28 11:09:32
Modified files:
server/vm : ASHandlers.cpp
Log message:
More escapes (subshell invocation, dollar signs..)
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/server/vm/ASHandlers.cpp?cvsroot=gnash&r1=1.182&r2=1.183
Patches:
Index: ASHandlers.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/vm/ASHandlers.cpp,v
retrieving revision 1.182
retrieving revision 1.183
diff -u -b -r1.182 -r1.183
--- ASHandlers.cpp 28 Jan 2008 11:04:47 -0000 1.182
+++ ASHandlers.cpp 28 Jan 2008 11:09:32 -0000 1.183
@@ -17,7 +17,7 @@
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
//
-/* $Id: ASHandlers.cpp,v 1.182 2008/01/28 11:04:47 strk Exp $ */
+/* $Id: ASHandlers.cpp,v 1.183 2008/01/28 11:09:32 strk Exp $ */
#ifdef HAVE_CONFIG_H
#include "gnashconfig.h"
@@ -2289,6 +2289,13 @@
boost::replace_all(safeurl, "<", "\\<"); // input redirection
boost::replace_all(safeurl, "&", "\\&"); // background (sic)
+ boost::replace_all(safeurl, "(", "\\("); // subshell :'(
+ boost::replace_all(safeurl, ")", "\\)"); //
+ boost::replace_all(safeurl, "}", "\\}"); //
+ boost::replace_all(safeurl, "{", "\\{"); //
+
+ boost::replace_all(safeurl, "$", "\\$"); // variable expansions
+
boost::replace_all(command, "%u", safeurl);
log_msg (_("Launching URL... %s"), command.c_str());
_______________________________________________
Gnash-commit mailing list
Gnash-commit@gnu.org
http://lists.gnu.org/mailman/listinfo/gnash-commit
